[openssl-commits] [openssl] OpenSSL_1_1_1-stable update

Richard Levitte levitte at openssl.org
Mon Oct 29 16:32:42 UTC 2018


The branch OpenSSL_1_1_1-stable has been updated
       via  d308458ef138dfbe925203b5cb01a015f0aa93ac (commit)
      from  86743ef857ae3323e0d5afe73282d79b7245586f (commit)


- Log -----------------------------------------------------------------
commit d308458ef138dfbe925203b5cb01a015f0aa93ac
Author: Richard Levitte <levitte at openssl.org>
Date:   Fri Oct 26 13:42:40 2018 +0200

    test/evp_test.c: don't misuse pkey_test_ctrl() in mac_test_run()
    
    pkey_test_ctrl() was designed for parsing values, not for using in
    test runs.  Relying on its returned value when it returned 1 even for
    control errors made it particularly useless for mac_test_run().
    
    Here, it gets replaced with a MAC specific control function, that
    parses values the same way but is designed for use in a _run() rather
    than a _parse() function.
    
    This uncovers a SipHash test with an invalid control that wasn't
    caught properly.  After all, that stanza is supposed to test that
    invalid control values do generate an error.  Now we catch that.
    
    Reviewed-by: Tim Hudson <tjh at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/7500)
    
    (cherry picked from commit ce5d64c79c4d809ece8fe28a5b62915467a1c0e1)

-----------------------------------------------------------------------

Summary of changes:
 test/evp_test.c                          | 33 ++++++++++++++++++++++++++------
 test/recipes/30-test_evp_data/evpmac.txt |  3 +--
 2 files changed, 28 insertions(+), 8 deletions(-)

diff --git a/test/evp_test.c b/test/evp_test.c
index 2ac69e1..e7e376e 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -73,8 +73,6 @@ static KEY_LIST *public_keys;
 static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst);
 
 static int parse_bin(const char *value, unsigned char **buf, size_t *buflen);
-static int pkey_test_ctrl(EVP_TEST *t, EVP_PKEY_CTX *pctx,
-                          const char *value);
 
 /*
  * Compare two memory regions for equality, returning zero if they differ.
@@ -927,6 +925,28 @@ static int mac_test_parse(EVP_TEST *t,
     return 0;
 }
 
+static int mac_test_ctrl_pkey(EVP_TEST *t, EVP_PKEY_CTX *pctx,
+                              const char *value)
+{
+    int rv;
+    char *p, *tmpval;
+
+    if (!TEST_ptr(tmpval = OPENSSL_strdup(value)))
+        return 0;
+    p = strchr(tmpval, ':');
+    if (p != NULL)
+        *p++ = '\0';
+    rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p);
+    if (rv == -2)
+        t->err = "PKEY_CTRL_INVALID";
+    else if (rv <= 0)
+        t->err = "PKEY_CTRL_ERROR";
+    else
+        rv = 1;
+    OPENSSL_free(tmpval);
+    return rv > 0;
+}
+
 static int mac_test_run(EVP_TEST *t)
 {
     MAC_DATA *expected = t->data;
@@ -972,8 +992,9 @@ static int mac_test_run(EVP_TEST *t)
         goto err;
     }
     for (i = 0; i < sk_OPENSSL_STRING_num(expected->controls); i++)
-        if (!pkey_test_ctrl(t, pctx,
-                            sk_OPENSSL_STRING_value(expected->controls, i))) {
+        if (!mac_test_ctrl_pkey(t, pctx,
+                                sk_OPENSSL_STRING_value(expected->controls,
+                                                        i))) {
             t->err = "EVPPKEYCTXCTRL_ERROR";
             goto err;
         }
@@ -2614,8 +2635,8 @@ top:
                 return 0;
             }
             if (rv < 0) {
-                TEST_info("Line %d: error processing keyword %s\n",
-                        t->s.curr, pp->key);
+                TEST_info("Line %d: error processing keyword %s = %s\n",
+                          t->s.curr, pp->key, pp->value);
                 return 0;
             }
         }
diff --git a/test/recipes/30-test_evp_data/evpmac.txt b/test/recipes/30-test_evp_data/evpmac.txt
index 6864070..4ec5fa4 100644
--- a/test/recipes/30-test_evp_data/evpmac.txt
+++ b/test/recipes/30-test_evp_data/evpmac.txt
@@ -157,8 +157,7 @@ Output = 5150d1772f50834a503e069a973fbd7c
 MAC = SipHash
 Ctrl = digestsize:13
 Key = 000102030405060708090A0B0C0D0E0F
-Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
-Output = 5150d1772f50834a503e069a973fbd7c
+Result = EVPPKEYCTXCTRL_ERROR
 
 Title = HMAC tests (from RFC2104 and others)
 


More information about the openssl-commits mailing list